MEMORANDUM FOR: Chief, Management Staff, ODP
THROUGH: Chief, Engineering Division, P/ODP
FROM: [Cs citee Engineer 
SUBJECT: "Security Requirements for Automated
Information Systems Located in Overseas
Installations", comments thereon
Attached are Systems Programming Division and
Engineering Division comments on the subject document.
16 June 1980


Comments on "Security Requirements for 
Automated Information Systems 
Located in Overseas Installations" 


1. Requirements for semiconductor volatile memory
may be over-restrictive (probably makes no difference now,
but could affect use of bubble memories in the future).
Non-volatile memory is comparable to non-removable storage
media.


2. Removability of storage media ought not be an absolute 
requirement for overseas computers. Technology appears to be 
moving in the direction of non-removability. Instead, there 
should be procedures governing how non-removable media is to be 
handled (e.g. guarded, encrypted, etc.) 


3. Page 16 - 17, paragraph 2 refers to system software
services. The word "exclusive" is unclear as is the phrase
"secure manner". ILLEGIB


4. Page 17, paragraph 3 is unclear.


5. Page 18, paragraph 5.b.1, requires passwords for each 
file. It is more appropriate to require that access be 
authenticated by password and that there be mechanisms 
restricting file access to authorized users. 


6. Similarly, in paragraph 5.c, access to the system 
ought to be controlled by password. Access to restricted files 
could then depend on the authentication provided during initial 
signon. It may be appropriate to utilize file passwords for 
infrequently accessed collections of files. However, requiring 
separate passwords for each file will increase the likelihood of
passwords being compromised. 


7. Audit trail requirement (page 19) is too stringent for 
existing software. 


8. The requirement (page 20, paragraph 3) that a security 
officer be involved in restarting a failed system is impractical. 


9. "Security Deviation" (page 20, paragraph 7) should be 
clarified. Different reactions are appropriate to different 
situations. 


I Purpose


This manual establishes security requirements, standards, and
specifications for the protection of word and/or data processing
(ADP) systems (hereinafter referred to as automated information
processing systems) and information stored in or processed by
information systems located in overseas Stations or Bases
(hereinafter referred to as "overseas location(s)").


II Applicability


The security requirements, standards, and specifications
established herein apply to all automated information processing
systems used at overseas locations. This includes systems which
interface with telecommunications services, as well as stand-alone
and networked systems. These requirements do not replace or
supersede existing minimum requirements established by other
directives, but rather establish a base for additional security in
the area covered.


III Responsibilities


A. Responsible Headquarters Component 
The Headquarters Component having primary responsibility 
for the proposed site of an automated information 
processing system in an overseas location shall: 


1. Request of the Chief, Information Systems Security
Group, (ISSG) Office of Security, the necessary 
pre-installation security survey of the proposed 
overseas location. 


2. In coordination with the Chief of Station or Base, 
approve the designation of a qualified ADP System 
Security Officer for the proposed site. 


3. In coordination with the Chief of Station or Base, the 
assigned Information System Security Officer (ISSO), 
and other Headquarters components as required, develop 
an ADP System Installation Plan tailored to the
selected Station or Base. (See Paragraph C. below) 


4. Submit the developed ADP System Installation Plan to
the Chief, ISSG, Office of Security, for final 
approval. The transmittal document will include a 
certification that the requirements, standards, and 
specifications recommended by the pre-installation 
security survey team and established herein are to be 
implemented for the Station or Base. 


5. In coordination with the designated Information 
Systems Security Officer (ISSO), develop Station or
Base Emergency Plan documentation for the evacuation
and/or destruction of data and program storage media,
and system equipment.


B. Overseas Location 


The Chief of each Station or Base proposing to use an
automated information processing system shall:


1. Provide area, space, and any special recommendations
to the appropriate Headquarters component for 
inclusion in the ADP System Installation Plan. 


2. In coordination with the Headquarters component, 
designate an ADP System Security Officer for the 
Station or Base. 


3. Direct the ADP System Security Officer to establish 
and implement in coordination with the designated 
Information Systems Security Officer (ISSO), a formal 
ADP System Security Program to ensure compliance with 
the requirements established herein for the location's 
automated information processing system. 


C. Information Systems Security Group (ISSG), 
Office of Security 


25X1
The Chief, ISSG, is responsible as the [ ] ISSO to
determine, formulate, interpret, and disseminate
policies, and guide the implementation of the security
requirements, standards, and specifications within
[ ] and its facilities to ensure compliance with
applicable Executive Orders and Directives relating to
information systems in accordance with DCID 1/1A.


The Chief, ISSG, shall appoint an Information Systems
Security Officer (ISSO) for each overseas location
designated to use an automated information processing
system. The ISSO shall:

1. Serve as the security focal point for each assigned 
automated information processing system. 


2. Review the ADP System Installation Plan for each 
assigned overseas location to ensure that all 
requirements, standards, and specifications relevant 
to the proposed installation are implemented. This 
includes obtaining written certification from the 
responsible Headquarters component of the satisfactory 
compliance with these requirements. 


3. Submit for approval by the Chief, ISSG, the ADP System
Installation Plan established for each assigned
overseas location.


4. Obtain approval for the ADP System Security Program
from the Chief, ISSG, for each location. This program
shall include the complete spectrum of security
controls and safeguards for each system in each
location. The ADP System Security Program shall be
prepared with appropriate input from other
Headquarters components having specific areas of
interest. These include but are not limited to the
responsible Headquarters component, the Overseas
Security Support Branch (Office of Security), the
Communications Security Division (Office of
Communications), and the Technical Security Division
(Office of Security).


5. Conduct and/or participate in pre-installation
security surveys of each assigned overseas automated
information processing site.


6. As appropriate, coordinate reports received concerning
each assigned overseas location's automated
information processing system with the Overseas
Security Support Branch (Office of Security), the
Communications Security Division (Office of
Communications), the Technical Security Division
(Office of Security), and the responsible Headquarters
component.


7. Review the ADP System Security Program established for
each assigned overseas location for continued
compliance with the requirements, standards, and
specifications established herein.


8. Schedule and conduct an annual security survey and
audit of each assigned overseas automated information
processing system.


D. Overseas Security Support Branch
(OSSB), Office of Security


The Overseas Security Support Branch shall:


1. Interpret and disseminate policies relating to
physical security matters as they pertain to
automated information processing systems in overseas
locations.


2. In coordination with the designated ISSO, conduct
periodic (minimum once every 2 years) physical
security surveys of all automated information
processing systems in overseas locations.


3. As appropriate, coordinate all physical security
reports received concerning overseas automated
information processing locations with the Information
Systems Security Group (Office of Security), the
Communications Security Division (Office of
Communications), the Technical Security Division
(Office of Security), and the responsible Headquarters
component.


4. As required, participate in pre-installation physical
security surveys of proposed overseas automated
information processing system locations.


E. Communications Security Division (CSD),
Office of Communications


1. Interpret and disseminate policies relating to
communications security matters as they pertain to
[ ] automated information processing systems
located in overseas locations, including those systems
used for telecommunications services.


2. Conduct TEMPEST testing for all [ ] systems
located in overseas locations.


3. As appropriate, coordinate reports received concerning
overseas automated information processing system
communications security matters with the Information
Systems Security Group (Office of Security), the
Overseas Security Support Branch (Office of Security),
the Technical Security Division (Office of Security),
and the responsible Headquarters component.


F. Area Headquarters, Office of Communications


The Area Headquarters shall:


1. Conduct communications security inspections, excluding
TEMPEST testing, of all [ ] automated information
processing systems located in overseas locations.


2. As required, participate in pre-installation security
surveys of proposed overseas automated information
processing systems.


G. Technical Security Division (TSD),
Office of Security


The Technical Security Division shall:


1. Conduct an Audio Countermeasures (ACM) inspection of
all automated information processing system locations
and all user terminal positions remote from the
automated information processing system central
processor.


2. Install an approved alarm system in the ADP Facility
and all areas remote from the ADP Facility in which
user terminals are positioned. ("ADP Facility" is
defined in Section IV A).


IV System Security Requirements


A. Physical Security


1. ADP Facility Location


All automated information processing system equipment,
excluding terminals approved for locations remote from
a central processor, shall be located within
controlled space within the overseas location, in an
interior room, when possible, and on a floor which
precludes access from the outside (hereinafter
referred to as the "ADP Facility").


25X1 


2. User Terminal Locations


All user terminals should be located within the ADP
Facility. Recognizing, however, that Station or Base
operational requirements or physical restrictions may
preclude the installation of all user terminals within
the ADP Facility, the following requirements are
established as minimum for the location of user
terminals in positions remote from the ADP Facility:


25X1
a. terminals shall be located within
controlled space.


b. All user terminals shall be located in alarm
protected areas and, when possible, in rooms
meeting the criteria for a "secure area". (See
Section IV B - Technical Security).


a. Existing Buildings


An ADP Facility which is to be located in an
existing building shall be constructed to meet the
existing criteria for a "secure area".


b. New Buildings


25X1


be approved by the Office of Communications.


4. Personnel Access Controls 


a. Station or Base 


25X1
Approved 24 hour [ ] protection is
required at each location in which an ADP Facility
is installed. Headquarters will normally not
approve installation of an A n sites
lacking the 24 hour approved [ ] because
of the inability to provide satisfactory alarm
response.


b. ADP Facility


[ ] employees who possess an
established need-to-know, as determined by the
Chief of Station or Base, shall be allowed access
to the ADP Facility. If cryptographic equipment or
material is installed in the ADP Facility,
appropriate cryptographic clearances are required.
(See Section IV Paragraph C5b).


25X1 


c. Storage Areas 


25X1
[ ] employees who possess an
established need-to-know shall be allowed access to
the approved storage area in which data and program
storage media are maintained.


5. Data and Program Storage Media


a. Identification/Labeling


1) Demountable data and program storage media
(magnetic tapes, disk packs, floppy disks,
cassettes) shall bear an external label to
clearly indicate the highest security
classification and/or compartments of the
information stored on the media.


2) Card decks shall be marked so as to clearly


3) Program listings, including program listings on
microform, shall be labeled so as to clearly
indicate the highest security classification
and/or compartments of the information listed.


4) Any punched paper tapes used shall be labeled
and marked so as to clearly indicate the highest
security classification and/or compartments of
the information recorded.


b. Storage


All demountable data and program storage media,
when not being used, shall be placed in an approved
Class 5 security container. These security
containers may be located within the ADP Facility
or the Station or Base vault (other than that used
for communications facilities) provided the Station
or Base vault meets the standards established for


c. Open Shelf Storage


ADP Facilities wherein the system does not have
removable storage media or where the internal
memory is non-volatile, shall only be approved when
the construction of the ADP Facility meets the
requirements for open shelf storage of the material
contained.


d. Transportation 


The physical movement of all demountable data and
program storage media outside the approved secure
area, or between the overseas location's buildings,
shall be accomplished in accordance with existing 
requirements for the movement of classified 
documents of an equal classification. The 
prescribed and approved logging and personal 
accountability procedures shall be used. 


e. Logging and Personal Accountability 


1) A logging and personal accountability system 
shall be established and maintained, and shall 
be based on procedures approved by the 
designated Information System Security Officer.


2) [ ] Staff employees shall be designated and
identifiable on an access list to receipt for
all classified data and program storage media.


3) The logging and personal accountability system
shall include logs for the removal and return of
all demountable data and program storage media
from and to the approved storage area.


4) The access lists and the logging and personal
accountability system shall be periodically 
reviewed by the designated Information Systems 
Security Officer to determine their accuracy and 
currency. 


B. Technical Security


1. Audio Countermeasures


An Audio Countermeasures (ACM) inspection will be
conducted in the proposed ADP Facility and in all
areas remote from the ADP Facility in which user
terminals are to be positioned, prior to the
operational implementation of any automated
information processing.


2. Alarm Systems


The ADP Facility and all areas remote from the ADP
Facility in which user terminals are to be positioned
shall be equipped with an Office of Security approved
alarm system. If the ADP Facility, or any user
terminal area, is partitioned into separate areas by
wall to ceiling panels, each subdivided area shall
have an independent alarm and/or sensor.


3. Procedures - Alarm Activation


The [ ] shall immediately summon the
responsible officer.


The responsible [ ] officer shall inspect the
alarmed area for evidence of a penetration or
attempted entry.


If evidence of a penetration or attempted entry is
discovered, the responsible [ ] officer shall:


1) Fully secure the affected area. If the ADP
Facility or area in which a remote user terminal
is located cannot be fully secured after an
alarm activation, the area shall be occupied by
an [ ] employee until the alarm
system is restored to service.


2) Report


a) Time of alarm activation
b) Area of alarm activation
c) Type of alarm (volumetric or door contact)
d) Condition at the time of alarm activation,
i.e.


(1) Was there a power failure in the area?


(2) Did alarm function properly when checked
following the activation?


(3) Any other information which will assist
the Chief, Regional Security Group, to
determine whether the information
processing equipment affected can be
placed back in operation, and when.


3) Maintain the affected area and equipment in a
fully secure status until a response is
received.


4) Following the response, arrange for the conduct
of a full audio countermeasures inspection prior
to placing the area and equipment back into
service.


4. Procedures - Alarm Failure


In the event of an alarm failure the responsible
[ ] officer shall:


25X1
a. Report the incident via a PRIORITY cable slugged


1) Time alarm failure discovered


2) Area of alarm failure


3) Type of alarm (volumetric or door contact)


4) As much information about the alarm failure as
possible to assist the regional security group
and/or Headquarters to diagnose the failure
problem. If repair instructions cannot be
provided by cable, a qualified security officer
will be sent to the Station or Base either from
the appropriate regional group or Headquarters.


b. Obtain appropriate increased guard coverage until
the alarm is again operational.


C. Communications Security


1. Equipment Installation 


a. General 


National Communications Security policy requires 


therefore, must be protected by one of these means 
if classified information is processed. The 
Standards for Protected Distribution Systems are 
contained in National COMSEC Instruction (NACSI)
4009.


b. Power


1) A non-standard power plug and receptacle shall
be used for all automated information processing
system equipment to the selected power outlet to
preclude movement of the equipment from its
designated installation position.


2) All automated information processing system
equipment shall be connected to a ground and
that ground shall be made through the ground
wire of the ac power cord.


c. Conduit


1) All equipment installations that plan to use a
protected distribution system shall be
considered for approval on a case-by-case basis.


2) All automated information processing system
equipment shall be installed using a dedicated
power run housed in ferrous conduit and
terminating at its own breaker in the power
panel closest to the equipment.


2. Telecommunications Equipment Installation


a. Standards


Installations of automated information processing
system equipment to be used for telecommunications
services shall meet the standards defined in the
Office of Communications handbooks OCHB 10.70.2
(Staff Communications Security General) and
National Communications Security Instruction
(NACSI) 5203.


3. Telecommunications Signal Lines


a. Criteria


Signal lines connecting the installed automated
information processing system equipment to the
Station or Base Communications Center, when the
equipment is used for telecommunications services,
shall meet the following criteria:


1) The signal line must be optically isolated to
break the signal line metallic conductors.


2) The signal line must be non-ferrous cable with
the shield grounded at the communications
facility end only.


4. Emanations


a. All automated information processing system
equipment used in overseas locations shall meet the
specifications set forth in the National
COMSEC/EMSEC Information Memorandum (NACSEM) 5100.


b. All installations of automated information
processing system equipment, regardless of mode of
operation, shall be in accordance with the NACSI
5203 publication.


c. All automated information processing system
equipment installed in overseas locations shall be
positioned, where possible, so as to have a three
(3) foot area of control which is the three
dimensional space surrounding the automated
information processing system equipment.


25X1


e. The following minimum installation separation
requirements shall apply to all automated
information processing system equipment installed
in overseas locations.


SEPARATION FROM                   MINIMUM DISTANCE
Transmitters/Receivers            3 Feet
CCTV/Tape Recorders               3 Feet
Converters/Oscillators            3 Feet
Black Signal Lines                2 Inches
Modems                            2 Inches
Black Patch Panels                2 Inches
Power Lines                       2 Inches
Black Telephones                  3 Feet
Step Down Transformers            2 Inches
Black Computer Processors         3 Feet
Voltage Regulators                2 Inches
Outside and Uncontrolled Walls    3 Feet
Intercom Systems                  3 Feet


f. Radios and/or other electrically operated
entertainment devices shall not be located in the
ADP Facility nor in any room housing cryptographic
equipment. Further, radios and/or other
electrically operated entertainment equipment shall
not be located within 3 feet of any automated
information processing, or cryptographic equipment,
regardless of the number of intervening walls.


5. Cryptographic Security
a. All cryptographic equipment shall be installed,
operated, and maintained in accordance with the
procedures issued by the Office of Communications.


b. All cryptographic equipment and all other COMSEC 
accountable material will be issued to the Station 
or Base "Communications Facility COMSEC Custodian" 
by the Central Office of Record (COR). The 
Communications Facility COMSEC Custodian will, in 
turn, issue the required material to the Station or 
Base ADP System Security Officer on a hand receipt 
which will be updated semi-annually. 


D. Information Systems Security 
1. System Hardware 


Unless a formal waiver is obtained from the Director
of Security, the following automated information
processing system hardware requirements are
established as minimum.


a. All automated information processing system
equipment shall be TEMPEST approved.


b. All automated information processing system central
processor units shall possess semiconductor
volatile internal memory.


c. All automated information processing system
equipment shall use removable data storage media
(disks, disk packs, magnetic tapes, floppy disks,
tape cassettes).


2. System Software


All automated information processing systems which
utilize an Operating System shall provide the
following exclusive services:


1) Cause all applications programs to load as
scheduled.


2) Allocate memory, direct access storage space,
and devices to applications programs.


3) Handle all input/output functions related to
available and shared resources.


4) Handle all interrupts designated for
applications programs in a known and secure
manner.


5) Protect itself, and provide an authorization
function to permit only approved sets of
individuals and programs to be combined for a
particular job run.


6) Provide for the production of an audit trail
record. (See Audit Trails, Section IV Paragraph
D6).


3. Data Files


All data files used and/or created during processing
shall contain only data records organized for
processing [ ] and/or [ ] related
information.


4. Sanitization/Destruction


a. Policy


The sanitization requirements and procedures
established herein do not apply to "Restricted
Data" or formerly "Restricted Data" as defined in
Section II, Atomic Energy Act of 1954 as amended,
and codified at 42 USC, Section 2014(y), or to
storage media on which COMSEC keying material has
ever been recorded. These materials shall be either
destroyed or returned to Headquarters in compliance
with current directives concerning such materials.


b. Procedures
1) Card Decks, Program Listings, and Paper Tapes
When no longer needed for the processing of
[ ], card decks, program listings,
or paper tapes shall be destroyed in
accordance with current security approved
destruction procedures.


2) All Other Data and Program Storage Media


When no longer needed for the processing of
[ ], or when deemed inoperative, all
other data and program storage media (magnetic
tapes, floppy disks, tape cassettes, disk packs,
or other rigid magnetic storage devices) shall
be either destroyed in accordance with current
security approved destruction procedures, or
returned to the Responsible Headquarters
component via classified pouch for appropriate
disposition.


5. System Access Controls


a. Remote Terminal/Terminal Areas


1) User terminals located in positions/areas
remote from the ADP Facility shall be system
identifiable, by location, and individually
designated for a specific security
classification access level.


2) Access to areas in which remote terminals are
installed shall be restricted during processing
operations; only those terminals designated for
the security classification access level being
processed shall be logically connected to the
data processing system, and only those [ ]
employees with an established need to know shall
be allowed access to the system.


b. Data Files


1) Each [ ] data file shall be controlled by a
file password and indicators to describe to the
system the type of access authorized.


2) Access to the master data file containing the
assigned unique user passwords shall be limited
to the Station or Base ADP System Security
Officer (the assigner).


3) Access to [ ] files shall be permitted
only at specified and system identifiable
terminals, and system output shall be restricted
to the same specific identifiable terminals and
printers.


c. User Identifiers (Passwords)


1) User access to an [ ] file shall be
controlled through the use of a unique
identifier (password), and shall be
authenticated by the system each time the user
desires to access the data processing system.


2) The password shall not be printed or displayed
at any terminal and shall be considered to be at
the highest classification level of the data
processed by the system insofar as its issuance,
individual handling, and storage.


3) User data file passwords shall be changed and
new passwords issued:


a) Immediately following any suspected security
compromise, or


b) When it is determined that an individual no
longer requires access to the system, or


c) Every six months.


NOTE 1:
These requirements do not apply to
stand-alone word processing terminals.


NOTE 2:
For some Stations or Bases located in
criteria areas, the ISSO may require more
frequent password changes.


6. Audit Trails


All automated information processing systems which
utilize an Operating System shall provide an audit
trail record capability. The audit trail record, as a
minimum, shall accurately reflect:


a. All unauthorized attempts to access the information
processing system, any application program, or any
data file.


b. All authorized system users who attempt to access
an unauthorized application program or data file.


c. Any system user who accesses, or attempts to
access, an application program or data file during
non-duty hours.
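

The three minimum audit conditions (a, b, c) above, applied to a handful of access events. This is an added example, not part of the original manual; the duty-hours window, the authorization table, and all user, terminal and file names are constructed assumptions.

```python
"""Select the access events that conditions a, b and c require in the audit trail."""
from dataclasses import dataclass
from datetime import datetime, time

# Assumption: duty hours are 08:00-17:00, Monday to Friday. The manual does
# not define "non-duty hours"; each location would set its own window.
DUTY_START, DUTY_END = time(8, 0), time(17, 0)

# Constructed authorization table: user identifier -> programs/files allowed.
AUTHORIZED = {
    "user_a": {"ledger.dat", "report.prg"},
    "user_b": {"report.prg"},
}

SYSTEM = "SYSTEM"  # pseudo-resource standing for a sign-on attempt


@dataclass(frozen=True)
class AccessEvent:
    when: datetime
    terminal: str        # system-identifiable terminal
    user: str            # identifier presented at sign-on
    authenticated: bool  # did the system authenticate the password?
    resource: str        # SYSTEM, an application program, or a data file
    granted: bool        # what the access control actually decided


def is_duty_hours(when):
    return when.weekday() < 5 and DUTY_START <= when.time() < DUTY_END


def audit_reasons(ev):
    """Return the list of conditions (a/b/c) under which ev must be recorded."""
    reasons = []
    if ev.user not in AUTHORIZED or not ev.authenticated:
        # a: unauthorized attempt on the system, a program, or a data file
        reasons.append("a")
    elif ev.resource != SYSTEM and ev.resource not in AUTHORIZED[ev.user]:
        # b: authorized user reaching for an unauthorized program or file
        reasons.append("b")
    if ev.resource != SYSTEM and not is_duty_hours(ev.when):
        # c: any program or file access, successful or not, in non-duty hours
        reasons.append("c")
    return reasons


def build_audit_trail(events):
    """Return audit records, oldest first, for every event matching a, b or c."""
    trail = []
    for ev in sorted(events, key=lambda e: e.when):
        reasons = audit_reasons(ev)
        if not reasons:
            continue  # routine authorized access in duty hours: not required
        trail.append({
            "when": ev.when.isoformat(),
            "terminal": ev.terminal,
            "user": ev.user,
            "resource": ev.resource,
            "reasons": reasons,
            # An access that was granted despite a or b means the access
            # control itself failed, which matters more than the attempt.
            "control_failure": ev.granted and ("a" in reasons or "b" in reasons),
        })
    return trail


# Constructed sample events. 2 June 1980 was a Monday, 7 June a Saturday.
SAMPLE_EVENTS = [
    AccessEvent(datetime(1980, 6, 2, 9, 15), "T01", "user_a", True, "ledger.dat", True),
    AccessEvent(datetime(1980, 6, 2, 9, 20), "T02", "user_x", False, SYSTEM, False),
    AccessEvent(datetime(1980, 6, 2, 10, 5), "T01", "user_b", True, "ledger.dat", False),
    AccessEvent(datetime(1980, 6, 2, 22, 40), "T01", "user_a", True, "report.prg", True),
    AccessEvent(datetime(1980, 6, 7, 11, 0), "T03", "user_b", True, "ledger.dat", True),
]

if __name__ == "__main__":
    for record in build_audit_trail(SAMPLE_EVENTS):
        print(record)
```
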


V System Operation
A. System Preparation
1. Approved physical security safeguards as defined in
the overseas location's ADP System Security Program
and applicable to the information processing system to
be used shall be activated.


2. When no cryptographic equipment is included in an ADP
installation, the procedures approved by the Director
of Security for controlling personnel access to the
ADP Facility, and any remote terminals to be used,
shall be activated. When cryptographic equipment is
included in the ADP installation, the procedures
approved by the Director of Communications, and
coordinated with the Director of Security, shall be
implemented.


3. All telephones located in the ADP Facility shall be
physically disconnected using a plug and jack
arrangement, or a Weco 270 disconnect, or secured with
an approved cryptographic system.


4. The demountable data and program storage media to be
used during processing shall be removed from security
approved storage, mounted on the appropriate
equipment, and the system made ready for processing.


Data Processing 


1. 


All system controls shall conform to those required 
for the protection of the highest classification of 
the information being processed. 


Authentication of system user personnel shall be 
performed by the ADP system. 


Should an abnormal data processing system operation 
occur involving any demountable data and/or program 
storage media (runaway tape or malfunctioning disk 
pack), the processing operation shall be stopped and 
the ADP System Security Officer shall be contacted for 
a determination of the action to be taken. 


Following any abnormal system operation, the incident 
shall be logged and the log maintained. 


Following an abnormal system operation, the ADP System 
Security Officer shall, within 24 hours of the 
eccurance of the incident, notify Headquarters via 
ROUTINE cable slugged [Jot the incident and the 
corrective action taken. ‘ 


Following an abnormal system operation, the System 
Operating System shall be reloaded and the information 
processing system reinitialized. 


Should a security deviation (i.e., a suspected 
security compromise) occur during the data processing 
operation, the processing operation shall be stopped, 
and the ADP System Security Officer contacted 
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10. 


immediately for a determination of the action to be 
taken. 


Following a suspécted security compromise, the 
incident shall be logged and the log maintained. 


Following a suspected security compromise, the ADP 
System Security Officer shall, within 24 hours of the 
occurance of the incid tify Headquarters via 
PRIORITY cable swuggea— | unless the Chief of 
Station or Base determines that an IMMEDIATE OR 
IMMEDIATE NIACT cable is indicated by the 
circumstances of the incident. Corrective action taken 
by the ADP System Security Officer will be included. 
If cryptographic material is involved in the incident, 
an INFO copy of the cable will be provided the 
Communications Security Division (CSD), Office of 
Communications by the inclusion of the COMMO slug. 


Should an act of nature or man-initiated emergency 
occur (e.g. fire, earthquake, riot, terrorism) or 
threaten, the ADP System Security Officer shall be 
contacted immediately. The ADP System Security Officer 
shall prepare to initiate appropriate emergency 
procedures. See Section VIII. Actual destruction of 
any storage media or equipment shall be at the 
direction of the Chief of Station or Base, or when 
loss of control of the Facility is imminent. 


C. Processing Termination-Normal 


All demountable data and program storage media used or 
produced during the processing operation, including 
the Operating System, shall be removed from the 
appropriate device. 


All demountable data and program storage media used 
during the processing operation, including the 
Operating System, shall be labeled and placed in 
security approved storage. 


The automated information processing system Main Power 
Switch shall be placed in the OFF position. 


All classified waste, notes, listings, printer and 
console ribbons for disposal shall be handled in 
accordance with established procedures for destruction 
of classified waste. 


All output such as printouts shall be placed in 
security approved storage. 


The ADP Facility shall be secured in accordance with 
the procedures approved by the ISSO and defined in the 
location's ADP System Security Program. 


7. All user terminals located in positions remote from 
the ADP Facility shall be secured in accordance with 
the procedures approved by the ISSO and defined in the 
location's ADP System Security Program. 


D. Processing Termination-Emergencies 


See Section VIII, Emergency Procedures. 


System Equipment Transportation and Storage 


A. Transportation 


The transportation of automated information Processing 
System equipment for installation in overseas locations, 
and the return of system components and equipment for 
repair/maintenance, shall be accomplished using the 
currently available TECHREO procedure. 


Storage 


The Chief of Station or Base shall provide storage for 
all automated information processing equipment received 
and awaiting installation in an area which meets the 
Security requirements established in Section IV, 
Paragraph A3a. 


System Maintenance/Modification 


A. System Hardware 


1. Maintenance 


All on-site maintenance of automated information 
processing system equipment installed in an overseas 
location shall be performed by [ ] personnel 
assigned to the Area Telecommunications Office, Office 
of Communications. 


2. Modifications 


All on-site changes of equipment configuration, or 
modifications to an existing system component, shall 
be: 

a. Approved, in writing, by the Chief, Information 
Systems Security Group, and 


b. Accomplished by [ ] personnel assigned to the 
Area Technical Office, Area Headquarters, Office of 
Communications. 


Approved For Release 2006/11/04 : CIA-RDP83T00573R000300130017-0 


B. System Software 
1. Maintenance/Modifications 


a. All automated information processing system 
software (programming) maintenance and/or 
modifications shall be accomplished under the 
control of the Responsible Headquarters component 
office and provided to the overseas location as a 
completely tested and operational module or 
software package. 


b. The responsible ISSO shall, in coordination with 
the Responsible Headquarters component office, 
review all system software modifications and 
certify, in writing, that the modification does not 
impact adversely the security profile of the 
modified system. 


VIII Emergency Procedures 


A. In coordination with the ISSO and the Station or Base ADP 
System Security Officer, the Headquarters component 
office having primary responsibility shall develop, 
document, and maintain the following automated 
information processing system emergency procedures. 


1. Emergency Sanitization - Data and Program Storage 
Media 


2. Emergency Protection - Data and Program Storage Media 


3. Emergency Protection - Word and Data Processing 
Equipment 


4. Emergency Destruction - Data and Program Storage Media 


5. Emergency Destruction - Word and Data Processing 
Equipment 


Each Emergency Procedure will be submitted to the Chief, 
Information Systems Security Group for final approval. 
The Chief, Information Systems Security Group shall, as 
appropriate, coordinate each Emergency Procedure with the 
Overseas Security Support Branch (OSSB), Office of 
Security, the Communications Security Division (CSD), 
Office of Communications, and the Technical Security 
Division (TSD), Office of Security, prior to final 
approval. 


C. Procedures for the handling of cryptographic equipment 
and materials in emergencies shall be in accordance with 
the requirements stated in the Station or Base 
Communications Facility Emergency Destruction Plan and 
any additional local procedures agreed upon between the 
location's ADP System Security Officer and the 
Telecommunications Officer. 